Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

GitHub

This documentation is part of the "Projects with Books" initiative at zenOSmosis.

The source code for this project is available on GitHub.

Deployment

Relevant source files

This document provides instructions for deploying the Docker MQTT Mosquitto Cloudflare Tunnel system using Docker Compose. It covers starting services, verifying successful deployment, managing service lifecycle, and troubleshooting deployment issues.

For configuration setup before deployment, see Environment Variables and Cloudflare Tunnel Configuration. For production deployment considerations, see Production Considerations.

Prerequisites Verification

Before deploying, ensure the following are in place:

RequirementVerification CommandExpected Result
Docker Enginedocker --versionDocker version 20.x or higher
Docker Composedocker compose versionDocker Compose version 2.x or higher
.env filetest -f .env && echo "exists""exists"
CLOUDFLARE_TUNNEL_TOKENgrep CLOUDFLARE_TUNNEL_TOKEN .envNon-empty token value
docker-compose.ymltest -f docker-compose.yml && echo "exists""exists"
mosquitto.conftest -f mosquitto.conf && echo "exists""exists"

Sources: README.md51 docker-compose.yml:1-18 mosquitto.conf:1-6

Starting Services

Basic Deployment

The primary deployment command starts both the mosquitto and cloudflared services as defined in docker-compose.yml:1-18:

This command runs in the foreground, displaying logs from both containers in real-time. Press Ctrl+C to stop the services.

Sources: README.md:70-72

Detached Mode

For production deployments, run services in detached mode to release the terminal:

The -d flag starts containers in the background. Services continue running after terminal closure due to the restart: unless-stopped policy defined in docker-compose.yml:9-15

Sources: docker-compose.yml:9-15

Deployment Process Flow

Sources: docker-compose.yml:1-18 README.md:70-72

Rebuild and Deploy

When configuration or code changes require rebuilding images:

This forces Docker to rebuild images before starting services. Note: This system uses pre-built images (eclipse-mosquitto:latest and cloudflare/cloudflared:latest), so rebuilding is typically unnecessary unless custom Dockerfiles are introduced.

Sources: docker-compose.yml:5-12

Verifying Deployment

Container Status Check

Verify both containers are running:

Expected output:

NAME          IMAGE                              STATUS
cloudflared   cloudflare/cloudflared:latest      Up X seconds
mosquitto     eclipse-mosquitto:latest           Up X seconds

Both containers should show STATUS as "Up" with no restart loops.

Sources: docker-compose.yml:6-13

Service-Specific Verification

Sources: docker-compose.yml:4-18 mosquitto.conf:1-6

Viewing Logs

Monitor service logs to verify successful startup:

Expected Log Patterns

mosquitto container:

  • Opening ipv4 listen socket on port 1883 - TCP listener started
  • Opening websockets listen socket on port 9001 - WebSocket listener started

cloudflared container:

  • Connection registered - Tunnel authenticated with Cloudflare
  • Started tunnel - Tunnel operational and routing traffic

Sources: docker-compose.yml:4-17 mosquitto.conf:1-6

Health Check Script

Implement a health check loop similar to the CI pipeline pattern:

This pattern is derived from the CI workflow health check implementation.

Sources: High-level diagram CI/CD Testing Pipeline, docker-compose.yml:6-13

Managing Service Lifecycle

Stopping Services

Stop all services gracefully:

This sends SIGTERM to containers, allowing clean shutdown. Containers are stopped but not removed.

Sources: docker-compose.yml:1-18

Stopping and Removing

Stop services and remove containers:

This removes containers and networks but preserves volumes and images. The restart: unless-stopped policy means services will not restart automatically after docker compose down.

Sources: docker-compose.yml:9-15

Restarting Services

Restart all services:

Restart specific service:

Sources: docker-compose.yml:4-11

Service Lifecycle States

Sources: docker-compose.yml:9-15

Updating Services

Pull latest images and restart:

Sources: docker-compose.yml:5-12

Deployment Modes Comparison

ModeCommandUse CaseLogs VisibleTerminal Blocked
Foregrounddocker compose upDevelopment, debuggingYes, real-timeYes
Detacheddocker compose up -dProduction, background servicesNo (use docker compose logs)No
Force Recreatedocker compose up --force-recreateConfig changes not detectedDepends on flagsDepends on flags
Build & Startdocker compose up --buildCustom image changesDepends on flagsDepends on flags

Sources: README.md:70-72 docker-compose.yml:1-18

Container Runtime Environment

Environment Variable Injection

The cloudflared service receives CLOUDFLARE_TUNNEL_TOKEN from the .env file via docker-compose.yml:16-17:

Docker Compose reads .env automatically and injects the variable into the container environment, where it's consumed by docker-compose.yml14:

Sources: docker-compose.yml:13-17

Volume Mount Configuration

The mosquitto service mounts its configuration file as specified in docker-compose.yml:7-8:

This creates a read-only bind mount, allowing configuration changes without rebuilding the container. Restart the mosquitto service to apply configuration changes:

Sources: docker-compose.yml:7-8 mosquitto.conf:1-6

Network Architecture

Sources: docker-compose.yml:1-18 README.md62

Deployment Checklist

Use this checklist to verify successful deployment:

  • Prerequisites verified (Docker, Docker Compose installed)
  • .env file created with CLOUDFLARE_TUNNEL_TOKEN
  • docker-compose.yml present in working directory
  • mosquitto.conf present in working directory
  • Cloudflare Tunnel configured with public hostname
  • docker compose up -d executed without errors
  • docker compose ps shows both containers running
  • docker compose logs mosquitto shows listener messages
  • docker compose logs cloudflared shows tunnel connection registered
  • MQTT client can connect via Cloudflare public hostname
  • Messages publish and subscribe successfully

Sources: README.md:23-72 docker-compose.yml:1-18

Common Deployment Issues

Token Not Found

Symptom: cloudflared container exits immediately

Cause: CLOUDFLARE_TUNNEL_TOKEN not set in .env

Solution:

Sources: docker-compose.yml:16-17

Port Conflicts

Symptom: mosquitto fails to start with "address already in use"

Cause: Another process using ports 1883 or 9001

Solution:

Sources: mosquitto.conf:1-4

Configuration File Not Found

Symptom: mosquitto container restarts repeatedly

Cause: mosquitto.conf missing or incorrect path in volume mount

Solution:

Sources: docker-compose.yml:7-8

Tunnel Connection Failure

Symptom: cloudflared logs show connection errors

Cause: Invalid token or network connectivity issues

Solution:

  1. Verify token in Cloudflare Zero Trust dashboard
  2. Check network connectivity: ping cloudflare.com
  3. Review cloudflared logs: docker compose logs cloudflared
  4. Regenerate token if expired

Sources: docker-compose.yml:13-17

Post-Deployment Validation

After deployment, validate the complete system:

Sources: docker-compose.yml:1-18 README.md:60-66

Documentation generated on November 16, 2025 at 02:02 UTC

jzombie/docker-mqtt-mosquitto-cloudflare-tunnel